Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

I have a script that crond runs each night. The script pulls some sensitive files from an SFTP server and stores them in a folder on the local machine.
I need to encrypt those files on the filesystem. Ideally, I could encrypt the folder they're stored in to require a password whenever the files are accessed. The problem is that then crond wouldn't be able to access the files. Using something like ecryptfs would allow the cron script to mount the encrypted storage by supplying the password, but now the keys to the kingdom are just sitting in a cron shell script.
Is there a good way to approach this? One thought I had was finding a tool that lets cron encrypt the files using a public key, then require a password to decrypt them (silently using the password to access the related private key).
I don't want too much complexity on the decryption side, because I will have relatively non-tech people needing to access those files occasionally.

How granular do you need the encryption to be? Should users be able to access all encrypted files or should they only be able to access specific files? If you do not need it to be very granular and you trust all users on your system, then you could mount an encrypted file system and have cron dump to that mount.

You do not have to have the password for the encrypted file system sitting in the cron script.

Perhaps defining a user account that has write-only privileges (treat the folder like a drop box to that user) to the encrypted volume (no read or execute) and put the password for that user in the cron script; that way, if the password from the cron script is compromised, they can only add bogus material to the directory and not read or modify existing information? Not sure of the specifics of how to do that, but I'm sure something like that can be done.

I can't trust everyone on the box; only users that know the decryption password. One of the things we're trying to protect against is a rogue root admin having access to sensitive information. I wish I could encrypt the data with one password (so cron could store that password in its script), then decrypt it with a different password...

Again, thanks for the ideas. I'll keep looking for something that works.

I sense conflicting requirements.
- Can you give a description of the type of information?
- How could possessing or exposing this information compromise business, public image, et cetera?
- What other scenarios are you protecting against?
- What would keeping file contents sensitive be worth?
- What would be a practical reason against encrypting it against a shared GPG key on the server before transferring it?
* Note I'm completely ignoring ease of use because if the information truly is sensitive then ease of use can not be a priority.
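
The idea raised in this thread (cron encrypts with a public key, and only holders of the passphrase-protected private key can decrypt) can be done with GnuPG so that no secret sits in the cron script. The script below is an added example, not code from any poster; the script name, directory and recipient ID are hypothetical, and it assumes GnuPG is installed and the recipient's public key was already imported on the server.

```shell
#!/bin/sh
# Added example: encrypt every plaintext file in a drop directory to a GPG
# public key. Only the PUBLIC key has to exist on this machine, so the
# script holds nothing that can decrypt the files.
# Assumptions (hypothetical): directory and recipient are passed as
# arguments; the public key was imported earlier with `gpg --import`.

# encrypt_incoming DIR RECIPIENT
# Returns 0 if every file was encrypted, 1 if any file failed.
encrypt_incoming() {
    dir=$1
    recipient=$2
    failed=0

    for f in "$dir"/*; do
        # Skip non-files, finished ciphertext and stale partial output.
        [ -f "$f" ] || continue
        case $f in *.gpg|*.gpg.part) continue ;; esac

        # Write to a temporary name so a half-written file is never
        # mistaken for a finished one.
        tmp="$f.gpg.part"
        if gpg --batch --yes --trust-model always \
               --recipient "$recipient" \
               --output "$tmp" --encrypt "$f"; then
            mv -- "$tmp" "$f.gpg"
            # Remove the plaintext only after the ciphertext is in place.
            rm -f -- "$f"
        else
            # Keep the plaintext for the next run; drop the partial output.
            rm -f -- "$tmp"
            echo "encrypt_incoming: failed on $f" >&2
            failed=1
        fi
    done
    return "$failed"
}

# Called from cron after the SFTP pull, for example:
#   encrypt-incoming.sh /srv/incoming reports@example.invalid
if [ "$#" -eq 2 ]; then
    encrypt_incoming "$1" "$2"
fi
```

The private key and its passphrase stay on the machines of the people who read the files, who decrypt with `gpg --decrypt`. Root on the server can still read each file in the window between download and encryption, so this limits exposure of stored files rather than removing trust in the server entirely.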